config/cgit.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

{ config, lib, pkgs, ... }:
let
  fcgiPort = (import ../data/aliases.nix).services.fcgi.port;
  gitPort = (import ../data/aliases.nix).services.git.port;
  gitPath = "/storage/projects";
  cacheDir = "/var/lib/cgit/cache";
  configFile = pkgs.writeText "cgitrc" ''
    virtual-root=/
    scan-path=${gitPath}
    cache-root=${cacheDir}
    cache-size=1000
    max-stats=year
    root-title=KJ repositories
    root-desc=Repositories hosted at git.orbekk.com.
    enable-commit-graph=true
    repository-sort=age
    enable-html-serving=1
  '';
in
{
  imports = [ ./fcgiwrap.nix ];

  networking.firewall.allowedTCPPorts = [ gitPort ];

  services.nginx = {
    enable = true;
    virtualHosts = {
      "git-internal" = {
        root = "${pkgs.cgit}/cgit";
        listen = [{ addr = "*"; port = gitPort; }];
        extraConfig = "try_files $uri @cgit;";
        locations."/git/" = {
          extraConfig = ''
            rewrite ^/git/(.*) https://git.orbekk.com/$1 permanent;
          '';
        };
        locations."@cgit" = {
          extraConfig = ''
            include "${pkgs.nginx}/conf/fastcgi_params";
            fastcgi_param CGIT_CONFIG "${configFile}";
            fastcgi_param SCRIPT_FILENAME "${pkgs.cgit}/cgit/cgit.cgi";
            fastcgi_param PATH_INFO       $uri;
            fastcgi_param QUERY_STRING    $args;
            fastcgi_param HTTP_HOST       $server_name;
            fastcgi_pass  127.0.0.1:${toString fcgiPort};
          '';
        };
      };
    };
  };

  systemd.services.cgit-init = {
    description = "init cgit cache";
    path = [ pkgs.coreutils ];
    after = [ "networking.target" ];
    wantedBy = [ "multi-user.target" ];
    script = ''
      echo "Creating cache directory"
      mkdir -p ${cacheDir}/cache
      chown fcgi:fcgi ${cacheDir}/cache
    '';
  };
}